2.3 Test Server Connection Signature Validation

Here is the professionally formatted section for 2.3 – Test Server Connection Signature Validation:

2.3 Test Server Connection Signature Validation

Requirement Description

Verify that the firmware applications validate the digital signature of server connections, ensuring authenticity and integrity of server-side data during communication.

DUT Confirmation Details

(To be filled based on OEM-provided inputs, e.g., model name, ID, manufacturer confirmation statements)

DUT Software Details

(To be filled based on OS/firmware version, application modules, and related packages)

Hash Checksum Verification for DUT’s Software Image

(Include SHA256/SHA512 hash verification value here)

DUT Configuration

(Brief description of network configuration, authentication settings, TLS stack, firewall policies etc.)

Pre-Conditions

The vendor shall provide the following documentation:

  • A detailed use-case document specifying instances where the DUT establishes outbound server connections.

  • A description of digital signature validation mechanisms (e.g., certificate pinning, mutual TLS, HMAC validation).

  • Any security controls or APIs implemented to handle signature verification during server communication.

Test Plan Overview

Test Case ID

Test Name

BIS-2.3.1

TC_VALIDATE_SIGNATURE_VALID

BIS-2.3.2

TC_VALIDATE_SIGNATURE_INVALID

BIS-2.3.3

TC_VALIDATE_SIGNATURE_EXPIRED

BIS-2.3.4

TC_VALIDATE_SIGNATURE_MISSING

BIS-2.3.5

TC_VALIDATE_SIGNATURE_ON_SERVER_RESPONSE_CONTENT

Test-bed Diagram with Interfaces and IPs

(Provide a network diagram indicating DUT, test server, MITM/Intercept tools, signature manipulation tools, IPs/subnets used in testing.)

PreviousTEST 1-5NextTest 1-5

Last updated

Was this helpful?